Oval Definition:oval:org.mitre.oval:def:8070
Revision Date:2014-06-23Version:18
Title:DSA-1462 hplip -- missing input sanitising
Description:Kees Cook discovered that the hpssd tool of the HP Linux Printing and Imaging System (HPLIP) performs insufficient input sanitising of shell meta characters, which may result in local privilege escalation to the hplip user. The old stable distribution (sarge) is not affected by this problem. For the stable distribution (etch), this problem has been fixed in version 1.6.10-3etch1. For the unstable distribution (sid), this problem has been fixed in version 1.6.10-4.3. We recommend that you upgrade your hplip packages.
Family:unixClass:patch
Status:ACCEPTEDReference(s):CVE-2007-5208
DSA-1462
Platform(s):Debian GNU/Linux 4.0
Product(s):hplip
Definition Synopsis
  • Debian GNU/Linux 4.0 is installed.
  • AND Architecture section
  • Architecture independent section
  • Installed architecture is all
  • AND Packages section
  • hpijs-ppds is earlier than 2.6.10+1.6.10-3etch1
  • OR hplip-data is earlier than 1.6.10-3etch1
  • OR hplip-doc is earlier than 1.6.10-3etch1
  • OR hplip is earlier than 1.6.10-3etch1
  • OR hplip-dbg is earlier than 1.6.10-3etch1
  • OR hpijs is earlier than 2.6.10+1.6.10-3etch1
    • BACK